We performed a comparison between LogPoint and LogRhythm SIEM based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: LogPoint is noted for its advanced technology and extensive log-collection, parsing, and analysis mechanisms. Users praised LogRhythm SIEM for its user-friendly centralized dashboard, strong integration capabilities, and event-filtering capabilities. LogPoint can improve its dashboard customization, resource efficiency, network hierarchy diagrams, and agent deployment. LogRhythm SIEM has the potential to improve its SOAR and NDR features, platform stability, and MDI integration. LogRhythm users requested expanded log storage, better load balancing, and streamlined search capabilities.
Service and Support: LogPoint's customer service receives high marks for its exceptional technical support and responsive engineers, but some users reported delays in receiving help from higher-level support. LogRhythm SIEM was generally praised for its helpful and knowledgeable support, although there have been occasional delays and knowledge problems.
Ease of Deployment: The complexity of LogPoint's initial setup can range from complex and time-consuming to fast and easy, depending on the user's experience and the organization’s size. LogRhythm SIEM's setup is considered to be straightforward. However, it is more time-consuming and complex for enterprise deployments involving multiple components or vendors, and users often require assistance from professional services or LogRhythm-certified engineers.
Pricing: LogPoint's fixed pricing model is seen as cost-effective and competitive. LogRhythm SIEM’s license typically includes all elements. However, enterprise customers may encounter complexities related to additional features and add-ons.
ROI: LogPoint makes costs more predictable and enables companies to generate revenue through security operation services. LogRhythm SIEM has proven to be highly valuable, delivering a significant ROI by reducing the mean time to detect and respond.
"It has basic out-of-the-box integrations with multiple log sources."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"The initial setup is very simple and straightforward."
"The dashboard that allows me to view all the incidents is the most valuable feature."
"It's pretty powerful and its performance is pretty good."
"It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"The AI capability is one of the main features of the solution because I believe that in the market, there are few solutions that are providing security solutions based on AI and machine learning."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"What I like best about LogPoint is its cost-effectiveness compared to other solutions. LogPoint also has better dashboards which I find valuable. I also like that you can create use cases based on your assets."
"Log collection, dashboards and reporting are good."
"The most valuable feature of LogPoint is that they have the SIEM and SOAR combined in one solution. They are not on a separate platform."
"We like the user and entity behaviour analytics (UEBA) and find it valuable."
"They basically charge you in a better way."
"The solution offers excellent reporting features. Our customers have been satisfied that they have been able to meet their compliance needs by giving them a standard report."
"The search feature is valuable. The dashboards are also valuable for our bosses. Another valuable feature, which is the main feature of the product, is the centralization of all the logs."
"The integration is very user-friendly. There are not many CLI commands. Everything is directly accessible from the web interface."
"The PCI compliance pieces that help us produce reports for our external auditor, and their support."
"Provides visibility into the network."
"I like LogRhythm's ease of use. The solution has improved compared to previous versions. It had many issues before, like integration, the console, creating reports, false positives, etc. The AI engine has made it stronger in the latest version."
"I would rate the product a ten out of ten. The solution is very user-friendly and straightforward. The tool's report customization is interesting."
"The product is great for medium to large-scale organizations."
"NextGen SIEM's most valuable feature is its user-friendliness."
"The security operation center is excellent."
"Its benefits are broad. The solution isn't necessarily made to do any one thing, but it can do anything you tell it to. It is able to tackle any different type or size of job."
"When we pass KPIs to the governance department, there's no option to provide rights to the data or dashboard to colleagues. We can use Power BI for this, but it isn't easy or convenient. They should just come up with a way to provide limited role-based access to auditing personnel"
"If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"The reporting could be more structured."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"We were missing visuals and graphics. Recently, a new version seems to have come out, and it has a new graphical user interface. When I was integrating it, it was usable, but the GUI needed improvement."
"LogPoint can improve its dashboards. We are not able to customize the dashboard when creating them. They only have preset dashboards which do not have exactly what we are looking for."
"The thing that makes it a little bit challenging is when you run into a situation where you have logs that are not easily parsable. If a log has a very specific structure, it is very easy to parse and create a parser for it, but if a log has a free form, meaning that it is of any length or it can change at any time, handling such a log is very challenging, not just in LogPoint but also in everything else. Everybody struggles with that scenario, and LogPoint is also in the same boat. One-third of logs are of free form or not of a specific length, and you can run into situations where it is almost impossible to parse the log, even if they try to help you. It is just the nature of the beast."
"Logpoint is not flexible. Its documentation is not user-friendly."
"The general public wasn't looking for that type of product unless you had a company that was medical or financial and needed 24-hour responsiveness."
"I know that they have user behavior analytics, but it's an extra cost for this feature. It would be nice if it was in with the standard products."
"It is a good product, but its interface or GUI could be better."
"Dashboards could be developed further."
"I have Windows administrators who will remove the agent when they think that that's what's fouling up their upgrade or their install or their reconfiguration, etc. The first thing they do is to turn off the antivirus, turn down the firewall, and take off anything else. They don't realize that the LogRhythm agent is just sitting there monitoring. Most antivirus products have application protection features built-in where, if I'm an admin on a box, I can't uninstall antivirus. I need to have to the antivirus admin password to do that."
"We do about 750 million a day and some days we do 715 million. Some days we do 820 million or 1.2 billion. But there's no way to drill in and find out: "Where did I get 400,000 extra logs today?" What was going on in my environment that I was able to absorb that peak? I have no way to identify it without running reports, which will produce a long-running PDF that I have to somehow compare to another long-running PDF... I would like to see like profiling behavior awareness around systems like they've been gunned to do around users with UEBA."
"LogRhythm NextGen SIEM could improve by adding more applications for the banking sector. There are not any custom applications at this time."
"My big thing is the easability. I don't like to go to two different systems. The fat client that you have to install to configure it, then the web console which is just for reporting and analysis. These features need to collapse, and it needs to be in a single solution. Going through the web solution in the future is the way to do it, because right now, it is a bit cumbersome."
"I think there is room for improvement because the system is still running on the Windows Server platform. The problem with running on Windows is that it is not that good for scaling and providing for big deployment environments."
"Right now there is the concern about being able to gather all of the data into the system."
"When we had version 7.2.6, there were a lot of issues deploying that version and with the indexing. The indexer was unstable. So, we were not able to use the platform when we were on that version until we were able to upgrade to 7.3.4."
"In the next release, I would certainly like to see more HIPAA compliance. I would also like to see more integration with Palo Alto Networks, particularly their Traps, which is their endpoint solution."
Logpoint is ranked 29th in Log Management with 20 reviews while LogRhythm SIEM is ranked 7th in Log Management with 166 reviews. Logpoint is rated 7.4, while LogRhythm SIEM is rated 8.4. The top reviewer of Logpoint writes "Good technical support but it is complex to use and resource-heavy". On the other hand, the top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". Logpoint is most compared with IBM Security QRadar, Elastic Security, Rapid7 InsightIDR, Wazuh and Fortinet FortiSIEM, whereas LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm Axon and Fortinet FortiSIEM. See our LogRhythm SIEM vs. Logpoint report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.